About this blog

All news on hacking

Entries in this blog

Security Flaws in WPA3 Protocol Let Attackers Hack WiFi Password

It has been barely a year since the launch of the next-generation Wi-Fi security standard WPA3, and researchers have unveiled several serious vulnerabilities in the wireless security protocol that could allow attackers to recover the password of the Wi-Fi network.

WPA, or Wi-Fi Protected Access, is a standard designed to authenticate wireless devices using the Advanced Encryption Standard (AES) protocol and is intended to prevent hackers from eavesdropping on your wireless data.

The Wi-Fi Protected Access III (WPA3) protocol was launched in an attempt to address, from the ground up, the technical shortcomings of the WPA2 protocol, which has long been considered insecure and was found vulnerable to KRACK (Key Reinstallation Attack).

Though WPA3 relies on a more secure handshake, known as Dragonfly, that aims to protect Wi-Fi networks against offline dictionary attacks, security researchers Mathy Vanhoef and Eyal Ronen found weaknesses in the early implementation of WPA3-Personal, allowing an attacker to recover WiFi passwords by abusing timing or cache-based side-channel leaks.
  "Concretely, attackers can then read information that WPA3 was assumed to safely encrypt. This can be abused to steal sensitive transmitted information such as credit card numbers, passwords, chat messages, emails, and so on," the researchers say.

Vulnerabilities in WPA3 — Hacking WiFi Password

In a research paper, dubbed DragonBlood, published today, researchers detailed two types of design flaws in WPA3: the first leads to downgrade attacks and the second to side-channel leaks.

Since the 15-year-old WPA2 protocol has been widely used by billions of devices, widespread adoption of WPA3 won't happen overnight. To support old devices, WPA3 Certified devices offer a "transitional mode of operation" that can be configured to accept connections using both WPA3-SAE and WPA2.

Researchers find that the transitional mode is vulnerable to downgrade attacks, which attackers can abuse to set up a rogue AP that only supports WPA2, forcing WPA3-supported devices to connect using insecure WPA2's 4-way handshake.
  "We also discovered a downgrade attack against SAE [Simultaneous Authentication of Equals handshake, commonly known as Dragonfly] itself, where we can force a device into using a weaker elliptic curve than it normally would use," the researchers say.
Moreover, a man-in-the-middle position is not needed to carry out the downgrade attack. Instead, attackers only need to know the SSID of the WPA3-SAE network.
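
An added example (not from the article or the researchers' tools): a defender-side audit that parses the RSN element an AP advertises and reports whether the network still offers the WPA2 fallback of the transitional mode described above. The sample element bodies and SSID labels are constructed; the AKM selectors under OUI 00-0F-AC and the MFP-required capability bit are the IEEE 802.11 values.

```python
import struct

IEEE_OUI = bytes.fromhex("000fac")
PSK_AKMS = frozenset({2, 4, 6})   # PSK, FT-PSK, PSK-SHA256 (WPA2-Personal)
SAE_AKMS = frozenset({8, 9})      # SAE, FT-SAE (WPA3-Personal)
MFPR = 0x0040                     # RSN capabilities: management frame protection required


def parse_rsn(body: bytes) -> dict:
    """Parse an RSN element body (the bytes after element ID 48 and length)."""
    off = 0

    def take(n: int) -> bytes:
        nonlocal off
        if off + n > len(body):
            raise ValueError("truncated RSN element")
        off += n
        return body[off - n:off]

    (version,) = struct.unpack("<H", take(2))
    if version != 1:
        raise ValueError(f"unsupported RSN version {version}")
    take(4)                                    # group data cipher suite
    (n_pairwise,) = struct.unpack("<H", take(2))
    take(4 * n_pairwise)                       # pairwise cipher suites
    (n_akm,) = struct.unpack("<H", take(2))
    akms = [take(4) for _ in range(n_akm)]
    caps = struct.unpack("<H", take(2))[0] if off < len(body) else 0
    return {"akms": akms, "caps": caps}


def classify(body: bytes) -> str:
    """Label what the advertised AKM suites let a client negotiate."""
    rsn = parse_rsn(body)
    types = {a[3] for a in rsn["akms"] if a[:3] == IEEE_OUI}
    if types & SAE_AKMS and types & PSK_AKMS:
        return "transition (WPA2 fallback offered)"
    if types & SAE_AKMS:
        return "sae-only" if rsn["caps"] & MFPR else "sae-only, MFP not required"
    return "wpa2-only" if types & PSK_AKMS else "other"


# Constructed RSN bodies: version, CCMP group, one CCMP pairwise, AKMs, caps.
HEAD = "0100" "000fac04" "0100" "000fac04"
SAMPLES = {
    "office-transition": bytes.fromhex(HEAD + "0200" "000fac02" "000fac08" + "8000"),
    "office-wpa3": bytes.fromhex(HEAD + "0100" "000fac08" + "c000"),
    "legacy": bytes.fromhex(HEAD + "0100" "000fac02" + "0000"),
}

if __name__ == "__main__":
    for ssid, body in SAMPLES.items():
        print(f"{ssid}: {classify(body)}")
```
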

Researchers also detail two side-channel attacks, cache-based (CVE-2019-9494) and timing-based (CVE-2019-9494), against Dragonfly's password encoding method that could allow attackers to perform a password partitioning attack, similar to an offline dictionary attack, to obtain the Wi-Fi password.
  "For our password partitioning attack, we need to record several handshakes with different MAC addresses. We can get handshakes with different MAC addresses by targeting multiple clients in the same network (e.g. convince multiple users to download the same malicious application). If we are only able to attack one client, we can set up rogue APs with the same SSID but a spoofed MAC address."
Besides these, the duo also documented a Denial of Service attack that can be launched by overloading an "AP by initiating a large amount of handshakes with a WPA3-enabled Access Point," bypassing SAE's anti-clogging mechanism that is supposed to prevent DoS attacks.

Some of these vulnerabilities also affect devices using the EAP-pwd (Extensible Authentication Protocol-Password) protocol, which is also based on the Dragonfly password-authenticated key exchange method.

As a proof-of-concept, researchers will shortly release the following four separate tools (in the GitHub repositories hyperlinked below) that can be used to test the vulnerabilities as mentioned above.
  • Dragondrain: a tool that can test to what extent an Access Point is vulnerable to DoS attacks against WPA3's Dragonfly handshake.
  • Dragontime: an experimental tool to perform timing attacks against the Dragonfly handshake.
  • Dragonforce: an experimental tool that takes the information recovered from the timing attacks and performs a password partitioning attack.
  • Dragonslayer: a tool that implements attacks against EAP-pwd.

  "Nearly all of our attacks are against SAE’s password encoding method, i.e., against its hash-to-group and hash-to-curve algorithm. Interestingly, a simple change to this algorithm would have prevented most of our attacks," the researchers say.

Wi-Fi Alliance Working With Vendors to Patch Reported Issues

The duo reported their findings to the WiFi Alliance, the non-profit organization that certifies WiFi standards and Wi-Fi products for conformity, who acknowledged the issues and are working with vendors to patch existing WPA3-certified devices.
  "The software updates do not require any changes that affect interoperability between Wi-Fi devices. Users can refer to their device vendors' websites for more information," the WiFi Alliance says in its press release.

  "The software updates do not require any changes that affect interoperability between Wi-Fi devices. Users can expect all their Wi-Fi devices, whether patched or unpatched, to continue working well together."

You can read more information about these vulnerabilities on the DragonBlood dedicated website, and the research paper [PDF], which also explains how minor changes to the protocol could prevent most of the attacks detailed by the researchers.

AdminSec


540 Million Facebook User Records Found On Unprotected Amazon Servers

It's been a bad week for Facebook users. First, the social media company was caught asking some of its new users to share passwords for their registered email accounts, and now the bad week gets worse with a new privacy breach.

More than half a billion records of millions of Facebook users have been found exposed on unprotected Amazon cloud servers. The exposed datasets do not directly come from Facebook; instead, they were collected and insecurely stored online by third-party Facebook app developers.

Researchers at the cybersecurity firm UpGuard today revealed that they discovered two datasets, one from a Mexican media company called Cultura Colectiva and another from a Facebook-integrated app called "At the Pool", both left publicly accessible on the Internet.

More than 146 GB of data collected by Cultura Colectiva contains over 540 million Facebook user records, including comments, likes, reactions, account names, Facebook user IDs, and more.

The second dataset, belonging to the "At the Pool" app, contains information about users' friends, likes, groups, and checked-in locations, as well as "names, plaintext passwords and email addresses for 22,000 people."

Though UpGuard believes the plaintext passwords found in the database were for the At the Pool app, and not for users' Facebook accounts, people frequently re-use the same passwords for multiple apps, so many of the leaked passwords could be used to access Facebook accounts.

  "As Facebook faces scrutiny over its data stewardship practices, they have made efforts to reduce third-party access. But as these exposures show, the data genie cannot be put back in the bottle. Data about Facebook users have been spread far beyond the bounds of what Facebook can control today," experts at UpGuard said.

Both datasets were stored in unsecured Amazon S3 buckets, which have now been secured and taken offline after UpGuard, Facebook and the media contacted Amazon.

This is not the first time third-party companies have collected or misused Facebook data and sometimes leaked it to the public. The most famous incident is the Cambridge Analytica scandal, wherein the political data firm improperly gathered and misused data on 87 million users through a seemingly innocuous quiz app, for which the social media giant is facing a £500,000 EU fine.

AdminSec


The Bank of Dakar hacked

The Banque de Dakar has been the victim of a hack involving fraudulent transactions. Those implicated, a Senegalese and 6 Nigerians, were arrested by the Special Division of Cybercrime. According to AS, which reports the information, once a personal or corporate account had been opened at the Bdk, they managed, using a sophisticated computer system, to enter the network of the banking institution and siphon off several million Fcfa. The newspaper says they took about 50 million CFA francs per account. But the overall amount may change considerably as the investigation proceeds.

AdminSec


600,000 pirated printers to promote UX training

Printer ports open to the world

Can a bot able to hack printers around the world encourage office workers to become designers, to guard against a future shaped by AI? Nothing is less certain, but this is what the Russian online university Skillbox is trying to do, using an iconoclastic means to publicize one of its new web design courses.

Using the Shodan API, which indexes devices connected to the Web, the marketing agency Possible Group has reported that since March 11, 2019, it has successfully printed a warning message sent by a company bot to office workers on more than 600,000 printers worldwide.

Without being a lawyer, we know that Possible Group, which is part of the multinational WPP, should probably not run the risk of a legal catastrophe by carrying out such an operation. It seems that it is the Russian branch that is at work, perhaps less hesitant to flout certain basic ethical rules. But the fact remains that, in the end, all these scanned printers do not represent a violation of computer fraud laws because no damage was caused to the devices during this scan.

These printers, carelessly exposed online because of their open port 9100, cannot be damaged by Shodan users, who can simply print a message. But the content of that message gives pause: "By 2024, there is a 94% chance that I replace millions of accountants, auditors and financial analysts, regardless of their level of experience or talent", read the office employees targeted by this iconoclastic hack.

"All is not lost. I will not be able to replace the creative professions in the near future. Only 20% of graphics work will be replaced by bots by 2024," says the message, before going on to promote a Skillbox UX design course created by Michael Janda, author of Burn Your Portfolio.

"The world is changing rapidly and we need to tell as many people as possible," Skillbox CEO Dmitry Krutov said of his "surprising" promotion. "We want to avoid mass unemployment that will result from advances in technology. Everyone deserves a job that will allow them to reach their full potential and help them succeed. That's why it's important to start thinking now about the work you'll be doing in five to ten years."

And, of course, the CEO wants employees to sign up, clearly playing on the growing paranoia in society that AI will take jobs. The full message can be read on the Beware of Bots website or, why not, by contacting a nearby company to find out if it has been targeted by this strange hacking campaign.

AdminSec


Hacker who was offering Cybercrime-as-a-service detained in Novokuznetsk

Employees of the Ministry of Internal Affairs of Russia with the assistance of experts of Group-IB, an international company specializing in the prevention of cyber attacks, detained a hacker in Russian city Novokuznetsk who hacked computers around the world.

The detainee offered Cybercrime-as-a-service to cyber criminals. He created and maintained admin panels for managing malware and botnets.

According to the local report, he infected more than 50 thousand computers across the world. He managed to steal usernames and passwords from browsers and mail clients of the infected computers. He also reportedly stole financial information such as bank card details.

The investigation began in the spring of 2018, when the hacker infected around 1000 computers with the malicious software Formgrabber.

"He administered the botnet, which counted several thousand infected computers of Russian and foreign users," the press service of the Ministry of Internal Affairs reported.

It turned out that the hacker is only 26 years old. Since the age of 15 he has earned money by creating websites for computer games, but then he decided to learn the profession of a hacker. More recently, he was testing malware targeting the Android platform.

He has already been charged under the article "Creation and distribution of malicious computer programs". He completely admitted his guilt.

AdminSec


PHISHING ATTACKS CAPABLE OF BYPASSING MULTI-FACTOR AUTHENTICATION INCREASE

Gmail, from Google, is one of the main services that use this login method

Network security and ethical hacking specialists from the International Institute of Cyber Security say that malicious actors have been developing their methods for deploying phishing campaigns to the point where they are able to bypass multi-factor authentication.

"There has been a significant increase in the number of phishing attacks capable of bypassing two-factor authentication (2FA)", experts commented. This phishing variant works by tricking the victim into revealing their password and the one-time code that protects their email account. This one-time code is very difficult for hackers to obtain, as it is sent to the phone number linked to the email account and expires less than a minute later.

A few months ago, Amnesty International detected a group of hackers who managed to bypass two-factor authentication using an automatic phishing tool capable of extracting the codes and entering them on the legitimate platform. Subsequently, a network security expert released a set of open source tools that worked in a similar way.

Because this one-time code is sent via SMS, any technique for intercepting these messages will be useful to complete the attack. Therefore, two-factor authentication is primarily vulnerable to attacks against the SMS system.

Google, which uses this authentication system for its Gmail service, is deploying a hacking prevention campaign, mainly by blocking logins from unknown locations. The company has also alerted users to possible emails with malicious links or attachments.

According to network security specialists, the best way to prevent this kind of attack is with hardware solutions, such as USB security keys. These tools eliminate the need to receive a code by SMS, because the hardware itself works as the second factor of authentication.

By Google policy, for example, all of its employees carry one of these security keys and, although their price is not the most economical, cybersecurity experts reaffirm that, so far, this is the best way to prevent phishing attacks.

The news about these phishing variants is a reminder to any user of how important it is to check what arrives in their email. The operators of these campaigns will always try to impersonate legitimate services, such as streaming platforms or accounts in applications developed by third parties; it is the responsibility of each user to distinguish between legitimate and malicious content and to know how to act when they encounter a phishing attempt.

AdminSec
